A new security service from Google Cloud Platform (GCP) will use load balancing to protect GCP customers against distributed denial of service (DDoS) attacks, according to a Wednesday blog post from Google.
The service,called Cloud Armor, uses the same global HTTP(S) load balancing found in products like Search and YouTube, the post said. Users only need to configure load balancing for the service to be activated.
“Cloud Armor works with Cloud HTTP(S) Load Balancing, provides IPv4 and IPv6 whitelisting/blacklisting, defends against application-aware attacks such as cross-site scripting (XSS) and SQL injection (SQLi), and delivers geography-based access control,” the post said.
Users can create custom defenses with Layer 3 to Layer 7 parameters, the post said. And Cloud Armor will give a breakdown of blocked and allowed traffic as it goes.
Speaking of APIs, the Cloud Data Loss Prevention (DLP) API is now generally available. This allows users to better label, manage, and redact certain pieces of sensitive information, the post said.
Google also unveiled the Cloud Security Command Center (Cloud SCC), a new service in alpha that will provide an “inventory of your cloud assets, scan storage systems for sensitive data, detect common web vulnerabilities and review access rights to your critical resources,” the post said. This will bring more security transparency to services like App Engine, Compute Engine, Cloud Storage, and Cloud Datastore.